代码修改

server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/WlyyTokenGranter.java

@@ -116,6 +116,14 @@ public class WlyyTokenGranter implements TokenGranter {
                        requestFactory,
                        userDetailsService
                ));
        tokenGranters.put(DingTalkTokenGranter.GRANT_TYPE,
                new DingTalkTokenGranter(
                        authenticationManager,
                        tokenServices,
                        clientDetailsService,
                        requestFactory,
                        userDetailsService
                ));
    }
    public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
@@ -576,6 +584,56 @@ public class WlyyTokenGranter implements TokenGranter {
                throw new InvalidGrantException("User account is locked");
            }
//            parameters.put("password",userDetails.getPassword());
            Authentication userAuth = new UsernamePasswordAuthenticationToken(username,userDetails.getPassword(),  this.authoritiesMapper.mapAuthorities(userDetails.getAuthorities()));
            ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
            OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
            return new OAuth2Authentication(storedOAuth2Request, userAuth);
        }
    }
    /**
     * 钉钉免登录
     */
    public static class DingTalkTokenGranter extends AbstractTokenGranter {
        private static final String GRANT_TYPE = "dingTalk";
        private final AuthenticationManager authenticationManager;
        private final UserDetailsService userDetailsService;
        private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
        public DingTalkTokenGranter(AuthenticationManager authenticationManager,
                                  AuthorizationServerTokenServices tokenServices,
                                  ClientDetailsService clientDetailsService,
                                  OAuth2RequestFactory requestFactory,
                                  UserDetailsService userDetailsService) {
            this(authenticationManager, tokenServices, clientDetailsService, requestFactory, userDetailsService, GRANT_TYPE);
        }
        protected DingTalkTokenGranter(AuthenticationManager authenticationManager,
                                     AuthorizationServerTokenServices tokenServices,
                                     ClientDetailsService clientDetailsService,
                                     OAuth2RequestFactory requestFactory,
                                     UserDetailsService userDetailsService,
                                     String grantType) {
            super(tokenServices, clientDetailsService, requestFactory, grantType);
            this.authenticationManager = authenticationManager;
            this.userDetailsService = userDetailsService;
        }
        @Override
        protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
            Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());
            String username = parameters.get("username");
            SaltUser userDetails = (SaltUser)userDetailsService.loadUserByUsername(username);
            if (!userDetails.isEnabled()) {
                throw new InvalidGrantException("User is disabled");
            }
            if (!userDetails.isAccountNonLocked()) {
                throw new InvalidGrantException("User account is locked");
            }
//            parameters.put("password",userDetails.getPassword());
            Authentication userAuth = new UsernamePasswordAuthenticationToken(username,userDetails.getPassword(),  this.authoritiesMapper.mapAuthorities(userDetails.getAuthorities()));
            ((AbstractAuthenticationToken) userAuth).setDetails(parameters);

server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java

@@ -300,6 +300,24 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
                String data[] = encdata.split(":");
                username = data[1];
                parameters.put("username", username);
            }else if("dingTalk".equals(flag)){
                //钉钉免登录
                parameters.put("grant_type", "dingTalk");
                String authCode = parameters.get("authCode");
                if(org.apache.commons.lang3.StringUtils.isBlank(authCode)){
                    throw new InvalidRequestException("请求参数错误");
                }
                String registerRes= httpClientUtil.get("http://127.0.0.1:10301/doctor/dingtalk_app_user?authCode="+authCode,"UTF-8");
                JSONObject jsonObject= JSONObject.parseObject(registerRes);
                if (jsonObject.getInteger("status") == 200){
                    parameters.put("username", jsonObject.getString("message"));
                }else{
                    HttpHeaders headers = new HttpHeaders();
                    headers.set("Cache-Control", "no-store");
                    headers.set("Pragma", "no-cache");
                    Oauth2Envelop<WlyyUserSimple> oauth2Envelop = new Oauth2Envelop<>(jsonObject.getString("message"), -1, null);
                    return new ResponseEntity<>(oauth2Envelop, headers, HttpStatus.OK);
                }
            }else if (StringUtils.isEmpty(parameters.get("captcha"))) {
                parameters.put("grant_type", "password");
                //解密密码